Cyber Security, Emails and the Public Sector – Interview with Red Sift

Edd Elliott

13 September 2017

Cyber Security, Emails and the Public Sector – Interview with Red Sift

We talk to Product Strategy Director of GovStart member Red Sift about the need for greater email security in the public sector.

Cyber security can be a complicated topic. How would you explain Red Sift & OnDMARC to someone who didn’t have a background in cyber security?

Red Sift is a secure data platform for developers. It facilitates the creation of applications aimed at solving big data problems. On top of the Red Sift platform we have created our cybersecurity product OnDMARC, which is focused on email security.

Email is the main vehicle to deliver cyber attacks and different studies show that 91% of cyberattacks start with phishing emails. Through email impersonation cyber criminals can pretend to be you, spoofing your email address and relying on your brand reputation to get the recipient to carry out actions. The DMARC protocol is a fix to this vulnerability. However, DMARC can be time consuming and complication to implement

OnDMARC helps organisations implement the DMARC protocol by providing users with clear actions on how to configure their DMARC records. This allows users with no cyber security background to be able to quickly and safely implement the protocol and be protected against cyber attacks that start with email.

Why is DMARC particularly important for the public sector?

The importance for DMARC in the public sector has been proven by cases like HMRC’s recent attacks. Almost all national and local government organisations use email as a communicational channel through which to support citizens: from confirming appointments to arranging bulky refuse collection. It’s therefore paramount for everyone to trust that the email they receive from someone purporting to be a government organisation is indeed generated by that organisation.

This makes the protection that DMARC offers vitally important for the public sector. In fact, the National Cyber Security Centre (NCSC) has required any government organisation, be it central government or local authorities, to implement the DMARC protocol.

What could potentially happen if you weren’t DMARC protected?

We regularly meet people from both big and small companies where they have experienced the fallout of unauthorised third parties sending emails “on their behalf” to their customers, suppliers and employees.

The risks that unprotected organisations face can be things like:

Increased malware attacks – When employees open an impersonated email they’re increasing the risk of installing ransomware on the network

Loss of sensitive data – A common aim of email impersonation is to extract confidential email from the recipient which can then be used or sold

Financial loss – Fraudulent emails often request funds to be transferred so not only is there the initial loss, but with the upcoming GDPR legislation any data breaches will be further amplified with financial penalties.

Reputational damage – Even if the phoney email didn’t originate from your organisation the recipient will undoubtedly associate the negative experience with you.

How is Red Sift developing its product for future cyber security threats?

We use a mix of technologies and particularly AI to make our product more and more self-service. We believe that platform-based technology can help democratise the protection provided by DMARC, helping small and large organisations get protected against cyberattacks.

What do you see as the future of cyber security? How will cyber security look in 5-10 years’ time?

Cyber security, just like other areas of security, is a race between who can evolve quickest – attacker or defender. Fifteen years ago you could use email with basic spam and phishing filters. However, now strong filters and multiple email authentication methods are critical. It’s a certainty that in 5-10 years we will see not only a wide adoption of DMARC but also it being mandated by regulators across different industries and insurance providers.

In the near future Cybersecurity will be impacted by different technological developments, but perhaps most significantly by Artificial Intelligence. As the complexity of security infrastructure grows to match new and emerging threats, AI will emerge as a crucial way organisations can begin to make sense of the growing number of daily reports, alerts and incidents.